(1) Commenting on Symantec’s warning of a new Fakebank Android variant, Graham Cluley reports: This Android malware redirects calls you make to your bank to go to scammers instead – “MALWARE HELPS SCAMMERS TRICK YOU INTO THINKING YOU’RE SPEAKING TO YOUR BANK.”

The Fakebank malware is only targeting South Korea right now, but Graham rightly suggests that the same gambit is likely to be re-used elsewhere.

(2) Apple has dealt a major blow to users of supercookies with a security improvement in Safari.

David Harley

Posted by: David Harley | March 17, 2018

Android antics and MacOS malware

An article by Denise Giusto Bilic for ESET: Tricks that cybercriminals use to hide in your phone (Very Android-oriented, not surprisingly…)

And a couple of links borrowed from AVIEN’s resource page Cryptocurrency/Crypto-mining News and Resources

David Harley

Posted by: David Harley | March 16, 2018

Unlocking the iPhone: we’ve been here before

Shaun Nichols, for The Register, reports on yet another tool for unlocking the iPhone: FYI: There’s a cop tool called GrayKey that force unlocks iPhones. Let’s hope it doesn’t fall into the wrong hands!

The article summarizes one by Thomas Reed, for Malwarebytes: GrayKey iPhone unlocker poses serious security concerns.

While the company does seem to be careful about to whom it sells the device, Thomas makes a number of disquieting points about the implications of this tool.

David Harley

Posted by: David Harley | March 12, 2018

Elk Cloner to Coldroot and beyond

Thomas Reed, who has been writing on Mac malware and security for a good while and nowadays writes for Malwarebytes, offers a report on The state of Mac malware, in which he offers some interesting information on four recent threats. Which put me into a mildly nostalgic mood. Perhaps because that title reminds me a little of my first ever Virus Bulletin paper: Macs and Macros – the State of the Macintosh Nation. But that was in 1997, and a lot of things have changed in the malware landscape since then.

Or have they? Well, I don’t have much to do with Mac malware nowadays – which is why I gave up maintaining the timeline pages on this site quite a few years ago. And the last time I wrote a major paper about it – Mac Hacking: the way to better testing? – was 2013. (It was another Virus Bulletin paper, co-written with my colleague Lysa Myers: in fact, when we presented the paper she’d just migrated from Intego to ESET.) But one thing that doesn’t seem to have changed as much as you’d expect: as Thomas puts it, “Unfortunately, many Mac users still have serious misperceptions about the security of macOS.”

Well, it can certainly be argued that there are no macOS (or iOS) viruses. Quite a lot of other examples of malware, though, even if the total number of malicious applications to have affected Mac users over the years doesn’t begin to compete with the volume of Windows-targeting malware we see nowadays in a single day, even if you count all the pre-OS X stuff and the macro viruses. And most of what we do see affecting macOS and iOS users falls into the adware or PUA categories, and they just don’t have the glamour of a fast-burning worm or a ransomware epidemic.

One thing that Thomas mentioned did particularly pique my interest: that is, his mention of Elk Cloner, often claimed to be the first in-the-wild virus. Well, maybe, though in fact there were a couple of other Apple II viruses circulating around the same time at Texas A&M. It’s because it was Apple II (i.e. pre-Mac) malware and only worked ‘reliably’ on disks in AppleDOS 3.3 format that I’ve never – as far as I remember – written about it here. And I guess it’s a bit late now: a timeline for Apple II malware would be very short indeed, and I think Elk Cloner’s author has reaped quite enough publicity from that youthful prank over the years…

David Harley


Posted by: David Harley | March 7, 2018

Mobile malware report from Kaspersky

Interesting content from Roman Unuchek for Kaspersky: Mobile malware evolution 2017

David Harley

Posted by: David Harley | March 7, 2018

Enhanced Chrome protection for macOS users

Google security blog: Expanding protection for Chrome users on macOS.

Kylie McRoberts and Ryan Rasti say: “Safe Browsing is broadening its protection of macOS devices, enabling safer browsing experiences by improving defenses against unwanted software and malware targeting macOS.”

David Harley

Posted by: David Harley | March 7, 2018

Unlocking the iPhone (again)

John E. Dunn for Sophos: Second company claims it can unlock iPhone X.

Hard on the heels of a somewhat similar claim by Cellebrite – Cellebrite, the iPhone, and Android – this story concerns “Grayshift [which] is reportedly quietly touting software it claims can unlock Apple’s flagship handsets, the iPhone X and 8.”

David Harley

Posted by: David Harley | March 2, 2018

Phishing the App Store (again)

Chance Miller, for 9to5Mac, describes another phishing attack on Apple App Store users: PSA: Watch out for these convincing App Store subscription phishing emails. This one tells you that you’ve signed up for a YouTube Red subscription which will cost you $144.99 per month once your free month is up. Miller says, quite convincingly, “The goal of that outrageous monthly is seemingly to entice people to click the “Cancel Subscription” link.”

Commentary from Lisa Vaas for Sophos here: Don’t fall for fake iTunes and App Store messages.

And Apple has some tips here: Identify legitimate emails from the App Store or iTunes Store

“If you’re not sure whether an email about an App Store, iTunes Store, iBooks Store, or Apple Music purchase is legitimate, these tips may help.”

Commentary by Graham Cluley for BitDefender: Apple issues advice on how to spot App Store and iTunes phishing scams

David Harley



Posted by: David Harley | February 28, 2018

Android cryptocurrency scams

Lukas Stefanko for ESET: Cryptocurrency scams on Android: do you know what to watch out for?

David Harley

Posted by: David Harley | February 28, 2018

Unlocking iThings

Paul Ducklin, for Sophos, asks: Can the FBI really unlock ANY iPhone in existence?

He’s referring, of course, to the Forbes story to which I alluded here a few days ago: Cellebrite, the iPhone, and Android.

Well, it’s a good question, and while he doesn’t quite give us The Answer, he does cover some useful ground: well worth reading.

David Harley

